entitlements-github-plugin 0.4.4 → 0.5.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/lib/entitlements/backend/github_org/controller.rb +7 -6
  3. data/lib/entitlements/backend/github_org/provider.rb +2 -1
  4. data/lib/entitlements/backend/github_org/service.rb +9 -1
  5. data/lib/entitlements/backend/github_team/controller.rb +2 -1
  6. data/lib/entitlements/backend/github_team/provider.rb +4 -3
  7. data/lib/entitlements/backend/github_team/service.rb +18 -8
  8. data/lib/entitlements/service/github.rb +10 -7
  9. data/lib/version.rb +1 -1
  10. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 98d2e4c18c22025d89bb53a24f87340596ed2add64b5b72d401ee31202636da4
4
- data.tar.gz: 602d1bd2dc77e02c19edb346ab8bbea6aed61c3a480d33fca3d082346cf2b1ee
3
+ metadata.gz: 0db3559ab7a07dfcd5d4a732095029a812097d5fd1152d79dc2a186a2db66707
4
+ data.tar.gz: cb97c975f6885865e4981b50c9db1d2b8d7e1eb26bca7bb62b0280ee7db6c9d2
5
5
  SHA512:
6
- metadata.gz: ee9a438713928741efb5c0d286ed91d774db024b460e349c60c2e81bd35c7c14f1e449022ce941178f89c188835f6533d906dea0250ae6e44010753636b94887
7
- data.tar.gz: 71ecfaf9b149cd1509f0ec6d23322cf45f2462c221deb8f01a2c02756c12a04a41e1c4b30b3e4803079d143a6cfda5aa78426f49c8df50196914d7ce9fa014ae
6
+ metadata.gz: 863dbd7ffe40ae5f72a27388c46777f2928bd342a88b9882c53274b54a209a34db43ac4e7312d6c2dda028cdedd321d22e120cc24f8f9092fcd1636ea2dfc7b1
7
+ data.tar.gz: 3d3c6d88f99389c9c1c38602d433c525f13b342d36350b09e19396cf1b4064a75e1552f0e06f4b6fbf9fe8f8b1fa0ef1b571c1734d057e312a0a56673f785fbf
data/lib/entitlements/backend/github_org/controller.rb CHANGED
@@ -120,12 +120,13 @@ module Entitlements
120
120
  Contract String, C::HashOf[String => C::Any] => nil
121
121
  def validate_config!(key, data)
122
122
  spec = COMMON_GROUP_CONFIG.merge({
123
- "base" => { required: true, type: String },
124
- "addr" => { required: false, type: String },
125
- "org" => { required: true, type: String },
126
- "token" => { required: true, type: String },
127
- "features" => { required: false, type: Array },
128
- "ignore" => { required: false, type: Array }
123
+ "base" => { required: true, type: String },
124
+ "addr" => { required: false, type: String },
125
+ "org" => { required: true, type: String },
126
+ "token" => { required: true, type: String },
127
+ "features" => { required: false, type: Array },
128
+ "ignore" => { required: false, type: Array },
129
+ "ignore_not_found" => { required: false, type: [FalseClass, TrueClass] },
129
130
  })
130
131
  text = "GitHub organization group #{key.inspect}"
131
132
  Entitlements::Util::Util.validate_attr!(spec, data, text)
data/lib/entitlements/backend/github_org/provider.rb CHANGED
@@ -25,7 +25,8 @@ module Entitlements
25
25
  org: config.fetch("org"),
26
26
  addr: config.fetch("addr", nil),
27
27
  token: config.fetch("token"),
28
- ou: config.fetch("base")
28
+ ou: config.fetch("base"),
29
+ ignore_not_found: config.fetch("ignore_not_found", false)
29
30
  )
30
31
  @role_cache = {}
31
32
  end
data/lib/entitlements/backend/github_org/service.rb CHANGED
@@ -44,7 +44,15 @@ module Entitlements
44
44
  Contract String, String => C::Bool
45
45
  def add_user_to_organization(user, role)
46
46
  Entitlements.logger.debug "#{identifier} add_user_to_organization(user=#{user}, org=#{org}, role=#{role})"
47
- new_membership = octokit.update_organization_membership(org, user:, role:)
47
+
48
+ begin
49
+ new_membership = octokit.update_organization_membership(org, user:, role:)
50
+ rescue Octokit::NotFound => e
51
+ raise e unless ignore_not_found
52
+
53
+ Entitlements.logger.warn "User #{user} not found in GitHub instance #{identifier}, ignoring."
54
+ return false
55
+ end
48
56
 
49
57
  # Happy path
50
58
  if new_membership[:role] == role
data/lib/entitlements/backend/github_team/controller.rb CHANGED
@@ -110,7 +110,8 @@ module Entitlements
110
110
  "base" => { required: true, type: String },
111
111
  "addr" => { required: false, type: String },
112
112
  "org" => { required: true, type: String },
113
- "token" => { required: true, type: String }
113
+ "token" => { required: true, type: String },
114
+ "ignore_not_found" => { required: false, type: [FalseClass, TrueClass] },
114
115
  })
115
116
  text = "GitHub group #{key.inspect}"
116
117
  Entitlements::Util::Util.validate_attr!(spec, data, text)
data/lib/entitlements/backend/github_team/provider.rb CHANGED
@@ -23,7 +23,8 @@ module Entitlements
23
23
  org: config.fetch("org"),
24
24
  addr: config.fetch("addr", nil),
25
25
  token: config.fetch("token"),
26
- ou: config.fetch("base")
26
+ ou: config.fetch("base"),
27
+ ignore_not_found: config.fetch("ignore_not_found", false)
27
28
  )
28
29
 
29
30
  @github_team_cache = {}
@@ -199,8 +200,8 @@ module Entitlements
199
200
  end
200
201
  end
201
202
 
202
- existing_maintainers = existing_group.metadata_fetch_if_exists("team_maintainers")
203
- changed_maintainers = group.metadata_fetch_if_exists("team_maintainers")
203
+ existing_maintainers = existing_group.metadata_fetch_if_exists("team_maintainers")&.downcase
204
+ changed_maintainers = group.metadata_fetch_if_exists("team_maintainers")&.downcase
204
205
  if existing_maintainers != changed_maintainers
205
206
  base_diff[:metadata] ||= {}
206
207
  if existing_maintainers.nil? && !changed_maintainers.nil?
data/lib/entitlements/backend/github_team/service.rb CHANGED
@@ -18,19 +18,21 @@ module Entitlements
18
18
 
19
19
  # Constructor.
20
20
  #
21
- # addr - Base URL a GitHub Enterprise API (leave undefined to use dotcom)
22
- # org - String with organization name
23
- # token - Access token for GitHub API
24
- # ou - Base OU for fudged DNs
21
+ # addr - Base URL a GitHub Enterprise API (leave undefined to use dotcom)
22
+ # org - String with organization name
23
+ # token - Access token for GitHub API
24
+ # ou - Base OU for fudged DNs
25
+ # ignore_not_found - Boolean to ignore not found errors
25
26
  #
26
27
  # Returns nothing.
27
28
  Contract C::KeywordArgs[
28
29
  addr: C::Maybe[String],
29
30
  org: String,
30
31
  token: String,
31
- ou: String
32
+ ou: String,
33
+ ignore_not_found: C::Maybe[C::Bool],
32
34
  ] => C::Any
33
- def initialize(addr: nil, org:, token:, ou:)
35
+ def initialize(addr: nil, org:, token:, ou:, ignore_not_found: false)
34
36
  super
35
37
  Entitlements.cache[:github_team_members] ||= {}
36
38
  Entitlements.cache[:github_team_members][org] ||= {}
@@ -436,8 +438,16 @@ module Entitlements
436
438
  end
437
439
  Entitlements.logger.debug "#{identifier} add_user_to_team(user=#{user}, org=#{org}, team_id=#{team.team_id}, role=#{role})"
438
440
  validate_team_id_and_slug!(team.team_id, team.team_name)
439
- result = octokit.add_team_membership(team.team_id, user, role:)
440
- result[:state] == "active" || result[:state] == "pending"
441
+
442
+ begin
443
+ result = octokit.add_team_membership(team.team_id, user, role:)
444
+ result[:state] == "active" || result[:state] == "pending"
445
+ rescue Octokit::NotFound => e
446
+ raise e unless ignore_not_found
447
+
448
+ Entitlements.logger.warn "User #{user} not found in GitHub instance #{identifier}, ignoring."
449
+ false
450
+ end
441
451
  end
442
452
 
443
453
  # Remove user from team.
data/lib/entitlements/service/github.rb CHANGED
@@ -17,28 +17,31 @@ module Entitlements
17
17
  MAX_GRAPHQL_RETRIES = 3
18
18
  WAIT_BETWEEN_GRAPHQL_RETRIES = 1
19
19
 
20
- attr_reader :addr, :org, :token, :ou
20
+ attr_reader :addr, :org, :token, :ou, :ignore_not_found
21
21
 
22
22
  # Constructor.
23
23
  #
24
- # addr - Base URL a GitHub Enterprise API (leave undefined to use dotcom)
25
- # org - String with organization name
26
- # token - Access token for GitHub API
27
- # ou - Base OU for fudged DNs
24
+ # addr - Base URL a GitHub Enterprise API (leave undefined to use dotcom)
25
+ # org - String with organization name
26
+ # token - Access token for GitHub API
27
+ # ou - Base OU for fudged DNs
28
+ # ignore_not_found - Boolean to ignore not found errors
28
29
  #
29
30
  # Returns nothing.
30
31
  Contract C::KeywordArgs[
31
32
  addr: C::Maybe[String],
32
33
  org: String,
33
34
  token: String,
34
- ou: String
35
+ ou: String,
36
+ ignore_not_found: C::Maybe[C::Bool],
35
37
  ] => C::Any
36
- def initialize(addr: nil, org:, token:, ou:)
38
+ def initialize(addr: nil, org:, token:, ou:, ignore_not_found: false)
37
39
  # Save some parameters for the connection but don't actually connect yet.
38
40
  @addr = addr
39
41
  @org = org
40
42
  @token = token
41
43
  @ou = ou
44
+ @ignore_not_found = ignore_not_found
42
45
 
43
46
  # This is a global cache across all invocations of this object. GitHub membership
44
47
  # need to be obtained only one time per organization, but might be used multiple times.
data/lib/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Entitlements
4
4
  module Version
5
- VERSION = "0.4.4"
5
+ VERSION = "0.5.1"
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: entitlements-github-plugin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.4
4
+ version: 0.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub, Inc. Security Ops
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-12-05 00:00:00.000000000 Z
11
+ date: 2024-01-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: contracts